Note: I shall not be giving out a one-click solution to monitor DC searches intentionally even if it were possible. But if you are dedicated enough, you can figure things out by reading it. Also, I’m not the first person to know about this.

What is DC? It’s a peer-to-peer file sharing protocol. Computers connected with each other can share files among them, and if you are on LAN, you get them on a terrific speed.

GET TO THE POINT!!

Alright, alright.

Theory

Let’s say Mr X and I are connected to a DC hub. Let’s say it happens that both of us are online at the same time. Mr X searched for New movies in their favorite DC client e.g. DC++, LinuxDC++, etc. Their client sends this request to the hub we both are connected, to fetch a search result. The hub then forwards the request to everyone who is connected to it and returns the index for Mr X to click and download any file from anyone.

SO GIVE ME THE SCRIPT. OR DO YOU HAVE THE CODE OR A REPOSITORY?

There isn’t really a script or any code. :/

Exploit

Because of the theory, we can sit back, stay connected to the hub and receive a holy large amount of data like

Who joined/left the hub when, their nick and their IP address

What are people searching for and IP address associated with each query

Technology

Normal DC clients won’t allow us to see these requests. There is a client known as ncdc (distributed as a binary) which doesn’t really have a GUI, so you can run it on a terminal (Aah, the feels it gives!)

Use ncdc to connect to the hub

Enable logging to a file and set log_debug to True

Note: This will generate a lot of data if you’re connected to a large hub and thus make sure you keep clearing the log file

You probably will have to set some config in ncdc to change from Passive mode to Active mode or else, some hubs mights ban you. Google properly, read the ncdc documentation and you’ll be fine.

EDIT: Siddharth Kannan used tcpdump to capture the TCP/IP packets which contains the DC query strings as well. Check out the 107,000 search results he accumulated in a week over here stored as all_packet_info.json. This is the code he used

Live Streaming

It’s hard. But if you really want to live stream the searches and that to be accessible outside of the campus network, there is a hack. You can have a server hosted somewhere outside the network which is going to stream data to the public. Share the URL of this server to people you want to. Create an endpoint over here which can receive data through POST request. Now, use your laptop from inside the network to constantly send requests on to the server. Make sure to use authentication by headers to avoid exploitation!